1. Field of the Invention
The present invention relates to a card type recording medium such as an IC card used, for example, as an electronic money carrier, credit card, ID card, autonomy card, etc., and further to an access control method for such a card type recording medium, and to a computer-readable recording medium on which an access control program for the card type recording medium is recorded.
Recently, as IC cards have come into wide use, information that needs security, such as electronic money information, credit card information, clinical chart information, etc., has been stored in IC cards. Accordingly, IC cards are required to store such information securely. In order to comply with this requirement, it is strongly required that security be enhanced when access control is performed by means of commands conforming to the international standard (ISO 7816).
2. Description of the Related Art
Techniques to perform access control of a card type recording medium have been disclosed in Japanese Patent Application Laid-open No. (hereunder referred to simply as JP-A) 60-160491 (IC card), JP-A-60-205688 (portable medium), JP-A-60-205689 (portable medium), JP-A-60-205690 (portable medium), JP-A-60-207939 (recording system by an electronic device), and the like, which have been considered effective means to enhance security for the card type recording medium.
The technique disclosed in JP-A-60-160491 (IC card) will be described as an example with reference to FIGS. 46(a), 46(b) and 47.
As shown in FIG. 46(a), an IC card 100 contains files 101-1, 101-2 to store data being access objects. The files 101-1, 101-2 are given access authority information (security management information) 102-1, 102-2, respectively.
Further, a client 103A is given a password pin: “a”, a client 103B is given a password pin: “a, c”, and a client 103C is given a password pin: “a, b”. Here, the access authority information 102-1, 102-2 given to the files 101-1, 101-2 are both “a, b”. Therefore, only the client 103C having the password “a, b” can read the files 101-1, 101-2.
Under such an assumption, let's consider a method to newly give the authority to read the file 101-1 to the client 103A. However, the client 103A is not to be given the authority to access the file 101-2, and the client 103B is not to be given the authority to access the file 101-1. Further, the client 103C is assumed not to be affected in any way.
In this case, as shown in FIG. 46(b), further giving a password “d” to the client 103A to change the password of the client 103A into “a, d”, and changing the setting of the access authority information 102-1 given to the file 101-1 into the one shown by the symbol 102-1′, will newly give the client 103A the authority to read the file 101-1.
Further, let's consider a method to newly give the authority to read the file 101-1 to a client 103D having the password “b, c”.
In this case, as shown in FIG. 47, further giving a password “d” to the client 103D to change the password of the client 103D into “b, c, d”, and changing the setting of the access authority information 102-1′ given to the file 101-1 into the one shown by the symbol 102-1″, will newly give the client 103D the authority to read the file 101-1.
Incidentally, the file 101-2 and the access authority information 102-2 are not illustrated in FIG. 46(b) and FIG. 47.
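The related-art scheme of FIGS. 46 and 47, written out as an added illustration (not code from the patent). It assumes a matching rule the text leaves implicit: a file's access authority information lists the password sets allowed to read it, and a client reads the file only when its own password set exactly equals one of them; the contents of 102-1′ and 102-1″ are likewise assumed to be the original list extended by the newly authorised client's password set.

```python
# Model of the related-art scheme of FIG. 46(a), 46(b) and FIG. 47 (added
# illustration, not the patent's code). Assumption: a file's access authority
# information is the list of password sets allowed to read it, and a client
# may read the file only when its own password set exactly equals one of them.
from copy import deepcopy

def can_read(client_pw, authority_info):
    """True when the client's password set is one of the file's permitted sets."""
    return any(client_pw == permitted for permitted in authority_info)

# FIG. 46(a): clients 103A..103C, files 101-1 and 101-2 with authority "a, b".
CLIENTS = {"103A": {"a"}, "103B": {"a", "c"}, "103C": {"a", "b"}}
FILES = {"101-1": [{"a", "b"}], "101-2": [{"a", "b"}]}

def grant_read(clients, files, client, new_pw, file_name):
    """Newly give `client` the authority to read `file_name`: add password
    `new_pw` to the client AND rewrite the file's access authority information
    (assumed content of 102-1' in FIG. 46(b), 102-1'' in FIG. 47). Works on copies."""
    clients, files = deepcopy(clients), deepcopy(files)
    clients[client] = clients.get(client, set()) | {new_pw}
    files[file_name].append(set(clients[client]))
    return clients, files

def access_matrix(clients, files):
    """Every (client, file) pair that may be read; each change obliges the
    designer to re-check this whole table, the nuisance the text describes."""
    return {(c, f): can_read(pw, info)
            for c, pw in clients.items() for f, info in files.items()}

# FIG. 46(b): client 103A receives "d" (now "a, d"); 101-1 gets 102-1'.
CLIENTS_B, FILES_B = grant_read(CLIENTS, FILES, "103A", "d", "101-1")
# FIG. 47: client 103D with "b, c" receives "d" (now "b, c, d"); 101-1 gets 102-1''.
CLIENTS_C, FILES_C = grant_read({**CLIENTS_B, "103D": {"b", "c"}}, FILES_B,
                                "103D", "d", "101-1")
```

Each grant leaves the other clients' access unchanged only because the file-side list was rewritten in step with the client-side password, which is exactly why every later change forces a review of the whole table.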
However, in the foregoing method of controlling access to the card type recording medium, the method of setting and modifying the access authority and the method of using and maintaining/managing the security system are not easy for a user to understand, and the work to set and modify the access authority and the work to use and maintain/manage the security system become rather a nuisance for a designer of the security system, which is a problem.
In other words, when expanding or shrinking the access authorities of the clients 103A to 103D, the access authority information 102-1, 102-2 given to the files 101-1, 101-2 has to be reviewed, and the work to set and modify the access authority affects the entire system. That is, changing the access authority after the security system has been defined as mentioned above requires reviewing the whole security system in advance, which makes the work to set and modify the access authority considerably complicated.
The techniques disclosed in the other laid-open applications hold similar problems.
Further, when considering a multi-purpose use in which an electronic money information, credit card information, autonomy information, etc., are stored in one card type recording medium, it is considered necessary to be able to control the security at one place and to be able to maintain the independence of information among applications, for the operation of the security system.
The present invention has been made in view of the foregoing problems, and an object of the present invention is to provide a card type recording medium and an access control method for the card type recording medium, whereby the management and operation of the security system can reliably be performed while the work to set and modify the access authority can be simplified even in a multi-purpose use, and a computer-readable recording medium on which an access control program for the card type recording medium for controlling accesses of data by access subjects is recorded.
In order to accomplish the foregoing object, the card type recording medium relating to the present invention contains storage units to store data being access objects and an access control unit to control an access to the data by an access subject, in which the access control unit is designed to comprise an access subject identification information generating unit to generate an access subject identification information for identifying the access subject, an access authority information read-in unit to read access authority information for obtaining an access authority set in correspondence with the data that the access subject requests to access, and a control unit to obtain an access authority in correspondence with the access subject identification information from the access subject identification information and the access authority information, and to control an access to the data by the access subject on the basis of the access authority obtained.
And, in the card type recording medium relating to the invention, the access subject identification information is comprised of information relating to at least two conditions for accessing.
Further, in the card type recording medium relating to the invention, the access subject identification information is comprised of a collating access subject identification information for collating an operator and an authenticating access subject identification information for authenticating an application.
And, in the card type recording medium relating to the invention, the collating access subject identification information corresponds to an access subject collating information that indicates a status of the operator, and the authenticating access subject identification information corresponds to an access subject authenticating information for identifying the application.
Further, in the card type recording medium relating to the invention, the collating access subject identification information and the authenticating access subject identification information are expressed by a matrix of at least one category information and a level information having hierarchies.
And, in the card type recording medium relating to the invention, the access authority information are comprised of access authority elements determined on the condition of the collating access subject identification information and the authenticating access subject identification information for each of the elements of the matrix and an arithmetic function using the access authority elements.
Further, in the card type recording medium relating to the invention, the access subject identification information generating unit holds (1) default collating access subject identification information, (2) default authenticating access subject identification information, (3) access subject collating information for reference, (4) access subject authenticating information for reference, (5) access subject identification information generating information, and (6) an arithmetic function. In the above, (1) the default collating access subject identification information is information for collating an operator, (2) the default authenticating access subject identification information is information for authenticating an application, (3) the access subject collating information for reference is information indicating a status of the operator, (4) the access subject authenticating information for reference is information for identifying the application, (5) the access subject identification information generating information is information for generating collating access subject identification information for collating the operator in correspondence with the access subject collating information for reference, and for generating authenticating access subject identification information for authenticating the application in correspondence with the access subject authenticating information for reference, and (6) the arithmetic function is a function for reflecting the generated collating access subject identification information on the default collating access subject identification information, and for reflecting the generated authenticating access subject identification information on the default authenticating access subject identification information.
And, the card type recording medium relating to the invention contains a plurality of logic channels through which the access subject accesses the data, and the access control unit controls an access to the data by the access subject independently for each of the logic channels.
Further, in the card type recording medium relating to the invention, the access control unit generates the access subject identification information for each of the logic channels.
And, the card type recording medium relating to the invention holds an audit log being an information in which the operation of the access control unit is audited.
On the other hand, an access control method for the card type recording medium relating to the invention is to control an access to the data by an access subject, in the card type recording medium containing storage units to store data being access objects. The method includes an access subject identification information generating step to generate an access subject identification information for identifying the access subject, and an access authority information read-in step to read in access authority information for obtaining an access authority set in correspondence with the data that the access subject requests to access. Further, the method includes a control step that obtains an access authority in correspondence with the access subject identification information from the access subject identification information and the access authority information, and controls an access to the data by the access subject on the basis of the access authority obtained.
And, in the access control method for the card type recording medium relating to the invention, when the access subject inputs an access subject collating information to indicate a status of an operator and an access subject authenticating information for identifying an application, the access subject identification information generating step compares the inputted access subject collating information and the inputted access subject authenticating information with an access subject collating information for reference and an access subject authenticating information for reference. And if the two coincide, the access subject identification information generating step generates a collating access subject identification information for collating the operator and an authenticating access subject identification information for authenticating the application in correspondence with the access subject collating information for reference and the access subject authenticating information for reference, and reflects the generated collating access subject identification information and the generated authenticating access subject identification information on a default collating access subject identification information for collating the operator and a default authenticating access subject identification information for authenticating the application.
Further, in the access control method for the card type recording medium relating to the invention, the access subject identification information is designed to contain a collating access subject identification information for collating the operator and an authenticating access subject identification information for authenticating the application; and the control step determines access authority elements on the condition of the collating access subject identification information and the authenticating access subject identification information, and obtains the access authority in correspondence with the access subject identification information through an arithmetic operation using the access authority elements.
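The generating step and control step described above (and the six items held by the generating unit), as an added Python illustration that is not the patent's own code. It assumes that each category-by-level matrix is represented as a dict from category name to the highest level cleared, that the arithmetic function of item (6) keeps the higher level per category, and that a file's arithmetic function is AND or OR over its access authority elements; all category names, PINs, application keys and files are constructed sample values.

```python
# Model of the invention's access-control flow (added illustration, not the
# patent's code). Assumption: each category-by-level matrix is a dict mapping
# a category name to the highest level cleared, with 0 meaning "not cleared".
from dataclasses import dataclass
from typing import Callable

# (1)(2) default identification information: nothing cleared (names assumed)
DEFAULT_COLLATE = {"holder": 0, "issuer": 0}     # operator categories
DEFAULT_AUTH = {"purse": 0, "credit": 0}         # application categories
# (3)(4) reference information and (5) the category/level each one generates;
# constructed sample values, kept in protected storage on a real card.
REF_COLLATE = {"1234": ("holder", 1), "9999": ("issuer", 2)}        # PINs
REF_AUTH = {"purse-key": ("purse", 1), "credit-key": ("credit", 1)}  # app keys

def reflect(default, generated):
    """(6) arithmetic function: keep the higher level per category, so a
    later generating step never lowers a level already reached."""
    return {c: max(default.get(c, 0), generated.get(c, 0)) for c in default}

def generate_asii(pin, app_key):
    """Generating step: compare the inputs with the references and, where they
    coincide, generate identification information and reflect it on the default."""
    collate, auth = dict(DEFAULT_COLLATE), dict(DEFAULT_AUTH)
    if pin in REF_COLLATE:
        cat, lvl = REF_COLLATE[pin]
        collate = reflect(collate, {cat: lvl})
    if app_key in REF_AUTH:
        cat, lvl = REF_AUTH[app_key]
        auth = reflect(auth, {cat: lvl})
    return collate, auth

@dataclass
class AccessAuthorityInfo:
    """Per-file access authority information: the level each matrix element
    must reach, plus the arithmetic function combining the element results."""
    collate_req: dict                      # operator category -> minimum level
    auth_req: dict                         # application category -> minimum level
    combine: Callable[[list], bool] = all  # all() acts as AND, any() as OR

def decide(asii, info):
    """Control step: determine an access authority element per required matrix
    element, then obtain the access authority with the arithmetic function."""
    collate, auth = asii
    elements = [collate.get(c, 0) >= lvl for c, lvl in info.collate_req.items()]
    elements += [auth.get(c, 0) >= lvl for c, lvl in info.auth_req.items()]
    return bool(elements) and info.combine(elements)  # deny if nothing is required

# Constructed files: holder AND purse app for the balance; issuer level for the area
PURSE_BALANCE = AccessAuthorityInfo({"holder": 1}, {"purse": 1})
ISSUER_AREA = AccessAuthorityInfo({"issuer": 2}, {})
```

Admitting a further operator or application touches only the reference tables, not the per-file access authority information, which is the simplification over the related art that the text claims.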
Further, a computer-readable recording medium relating to the invention has an access control program for the card type recording medium recorded thereon, and the access control program controls, through a computer, an access to data by an access subject in the card type recording medium containing storage units to store data being access objects. In the computer-readable recording medium, the access control program for the card type recording medium causes the computer to function by means of an access subject identification information generating unit to generate access subject identification information for identifying the access subject, an access authority information read-in unit to read access authority information for obtaining an access authority set in correspondence with the data that the access subject requests to access, and a control unit to obtain an access authority in correspondence with the access subject identification information from the access subject identification information and the access authority information, and to control an access to the data by the access subject on the basis of the access authority obtained.
According to the invention thus described, even in the case of a multipurpose use of the card type recording medium, the setting and modifying work can be simplified and the management and operation of the security system can reliably be performed, which is advantageous.
Further scope of applicability of the present invention will become apparent from the detailed description given hereinafter. However, it should be understood that the detailed description and specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only, since various changes and modifications within the spirit and scope of the invention will become apparent to those skilled in the art from this detailed description.